Privacy Policy
Last updated: 2026-06-12
The privacy of your data — and it is your data, not ours — is a big deal to us. In this policy we lay out what we collect and why, how your data is handled, and your rights with respect to your data. We do not sell your data. We never have, and we have no intention of ever starting.
This policy applies to all products built and maintained by Augmap, Inc. (“Augmap,” “we,” “our,” or “us”), a Delaware corporation headquartered in Maine. That includes our websites (augmap.ai and its subdomains), the Augmap Trip Planner (including its live map and its integrations with AI assistants), and our land-trust mapping application for partner organizations (together, the “Services”).
What we collect and why
Our guiding principle is to collect only what we need. Here’s what that means in practice:
Identity and access
When you create an account, we ask for your email address so we can sign you in — by a one-time code we email you, or through a sign-in provider you choose — and send you essential account information. You may optionally add a display name. If you use our land-trust application as a member of a partner organization, we also record which organization you belong to so the right people can see the right maps.
We don’t sell your personal information to third parties, and we won’t use your name or organization in marketing statements without your permission.
Trips you plan
When you plan a trip, we store the trip itself: the destination, the stops and itinerary, the history of edits and actions on the trip, the map state, and the “traveler brief” — the free-text description of who’s traveling and what you’re looking for, including any constraints you provide (for example, dietary preferences or accessibility needs). We store this so your trip is there when you come back, and so suggestions can be tailored to what you told us. Trips are private by default.
A note on sensitive information: the traveler brief and constraints are free text that you (or your AI assistant, at your direction) write. We treat everything in them as trip data. Please don’t include health details, government IDs, financial information, or anything else you wouldn’t want stored with your trip.
Some features may ask to use your device’s location — for example, to center the map on where you are or find places near you. If one does, your device will ask for your permission first, and you can revoke that permission in your browser or device settings at any time; the Services work without it. The places in your trips are locations you choose to add. (Like most web services, our analytics receive your IP address, which indicates your approximate region — see Website interactions below.)
Anonymous trip sessions
You can plan a trip without creating an account. Anonymous trips are accessible to anyone who has the trip’s unique link — the link is the key, so share it only with people you want to be able to see and edit the trip. Anonymous trips are scheduled for automatic deletion about 30 days after their last activity unless you claim them with an account. Behind the scenes, an anonymous session record operates your trip; it is deleted on the same schedule.
Using Augmap through an AI assistant
The Trip Planner can be used through third-party AI assistants (for example, Claude via the claude.ai connector). When you do this:
- Your conversation with the assistant happens on the assistant provider’s platform and is governed by their privacy policy and settings, not this one — including whether your conversations (and the trip information we return into them) are used to train the provider’s models. Many consumer AI plans do this by default, so check your assistant’s privacy settings. We receive only what the assistant sends to our tools, which may include excerpts of what you told it.
- If your assistant runs on your own machine (a local or self-hosted agent), your conversation never leaves it — only the tool requests described here reach us.
- We receive the trip-related requests the assistant sends on your behalf — for example, a destination, a traveler brief, a place search, or a stop to add — and we store them with your trip, just as if you had entered them yourself. Like all requests to our Services, they also pass through our operational logs.
- We don’t train models on the content of your traveler briefs, and none of the service providers we use train their models on your data: Cloudflare (Workers AI) and Amazon Web Services (Bedrock) run AI inference for us under terms that prohibit using customer data to train models. We may train our own search and recommendation models on de-identified signals from how trips are built (see “Aggregated and de-identified data” below). Route planning and place search ranking run on software we built and operate ourselves.
Community contributions
Some parts of the Services are community-built and shared by design:
- In our land-trust application, contributions such as trail updates and property information are visible to your organization and, where the organization chooses, to the public.
- In community boards, recommendations you or your group submit are visible to the members of that board, attributed as submitted.
- If you post place reviews, ratings, or comments, they are visible to other users, attributed as submitted.
Community content also helps build our place intelligence: we may use it to create place summaries, rankings, and search indexes, and to develop and improve the models that power our search and recommendations (see our Terms of Service for the license that covers this).
If you delete your account, community contributions are retained with your account identification removed, so the shared maps your community built stay intact. If you want a contribution itself removed entirely, email us and we’ll handle it; aggregate data already derived from it that no longer identifies you may persist (see our Terms of Service).
Website interactions
We use PostHog to collect analytics about how the Services are used: which pages and features you interact with, your browser and operating system, and your IP address. We use this to understand what’s working and improve the product. We do not use analytics for advertising, and we do not share analytics data with ad networks.
Anti-bot assessments
We use Cloudflare Turnstile to protect sign-up and other forms from automated abuse. Turnstile evaluates technical signals from your browser to distinguish humans from bots; we receive the result of that assessment, not the underlying signals.
Cookies
We use first-party cookies and local storage to keep you signed in, remember your preferences, and support the analytics described above. We do not use third-party advertising or tracking cookies. You can block cookies in your browser settings, though signing in won’t work without them. We do not track you across third-party websites, no third parties collect data about your activity across other sites through our Services, and the Services do not change behavior in response to “Do Not Track” browser signals.
Voluntary correspondence
When you email us with a question or for help, we keep that correspondence, including your email address, so we have a history to reference if you reach out again.
When we access or disclose your information
To provide the Services you’ve requested. We use a small set of third-party service providers to run the Services:
| Service provider | What for |
|---|---|
| Supabase | Database and authentication |
| Cloudflare | Hosting, storage, content delivery, anti-bot protection, and AI inference (Workers AI) |
| Amazon Web Services | Cloud infrastructure and AI inference (Bedrock) |
| Resend | Transactional email (sign-in codes, account notices) |
| PostHog | Product analytics |
When you follow a booking link. Some places in the Trip Planner may show a link to book through a third-party travel site. If you click it, you leave our Services and the booking site’s terms and privacy policy apply. We may earn a commission on bookings made through these links; the link may carry an identifier that attributes the booking to Augmap, but we do not send the booking site your name, email, or trip details.
Augmap humans access your trip content only when we have a reason to: to operate, debug, and improve the Services; to help with a support request you make; to investigate a specific violation of our Terms or a security incident; or to respond to legal process. We don’t browse your trips out of curiosity, and we never use your content for advertising.
Aggregated and de-identified data. We may use aggregated or de-identified data — including de-identified signals from how trips are built, such as how often a place gets added to trips or which places tend to appear in trips together — to understand travel patterns, improve our maps and recommendations, train our own search and recommendation models, and report high-level usage statistics. We may also share or license aggregated, de-identified data — such as place summaries, rankings, and travel trends — with partners. Your raw contributions, your trips, and anything that identifies you are never part of that; we will not attempt to re-identify de-identified data, and we require anyone we share it with to commit to the same.
When required under applicable law. Augmap is a U.S. company and our primary data stores are in the United States; our content delivery network operates globally. We don’t hand over user data to governments voluntarily; we require legal process before disclosing it. Where the law allows, we’ll do our best to notify you before we do.
Finally, if Augmap is acquired by or merges with another company — we don’t plan on that, but if it happens — we’ll notify you, and this policy will continue to apply to your data until you’ve been told about any new policy and given a chance to delete your data.
Your rights with respect to your information
Wherever you live, here’s what you can do with your data — we extend these to everyone, not just where the law requires:
- Know and access. Most of the data we have about you — your trips, account details, and contributions — is visible right in the product. For anything else (like analytics or past correspondence), email us and we’ll share what we have.
- Correction. You can update your account information and edit your trips at any time.
- Deletion. You can delete individual trips, or delete your account and the personal data associated with it, directly in the app — or by emailing us if anything gets in the way. See Data retention below for the short list of what remains, like the record that we honored your deletion.
- Portability. You can request an export of your data by emailing us; we’ll get it to you as quickly as we reasonably can.
- Complaining. If you believe we’ve mishandled your data, contact us at support@augmap.ai and we’ll do our best to make it right. Depending on where you live, you may also have the right to complain to your local data-protection regulator.
How we secure your data
Data is encrypted in transit via TLS, and our hosting providers encrypt it at rest. Access to private data is restricted through application-level access controls and, in our shared database, per-row security policies. No system is perfectly secure, but we design ours so that private trips and organization data are served only to the people authorized to see them.
Data retention
| Data | Retained |
|---|---|
| Anonymous trips | Scheduled for automatic deletion about 30 days after last activity |
| Anonymous session records | Scheduled for automatic deletion about 30 days after last activity, alongside the anonymous trip |
| Account data and claimed trips | Until you delete them or delete your account |
| Community contributions | Retained, with your account identification removed after account deletion |
| Consent and deletion records | Retained as a legal record that you consented and that we honored your deletion |
| Support correspondence | Retained while useful for support history; deleted on request |
| Analytics data | Retained according to our analytics provider’s retention settings |
When you delete your account, your content becomes inaccessible in the product and we delete it from our active systems. Residual copies may persist for a limited time in our providers’ backups and logs before being purged on their normal cycles.
Location of site and data
Our Services are operated from the United States, with content delivered through a global network. If you use them from elsewhere, you understand that your information will be transferred to and stored in the United States.
Children’s privacy
The Services are not intended for children under 13, and we do not knowingly collect data from children under 13. If you believe we have, contact us and we will delete it.
Changes and questions
We may update this policy as the Services evolve. When we make a material change, we’ll update the date at the top of this page and give you reasonable advance notice — by email to account holders or a notice in the product — before it takes effect, except for changes required for legal or security reasons. Changes apply going forward. Every version is recorded, and the history is available on request.
Questions about this policy or your data? Email us at support@augmap.ai.
Adapted from the Basecamp open-source policies, used under CC BY 4.0.